Services (for example, microservices) often need to perform admin operations on endpoint services such as application servers, microservices, and databases. A microservice requires administrative level access to endpoint service to perform an admin operation. Typically, a microservice stores admin credentials for the endpoint service in an unsecure internal memory. The perpetual storage of sensitive data in an unsecure location makes the service a prime target for hackers to obtain uncontrolled administrative level access to the endpoint service. A method is needed to enable a microservice to run as an unprivileged user, and to temporarily elevate to the privilege level needed to perform a task and then drop the privilege level immediately.
Skilled artisans will appreciate that elements in the figures are illustrated for simplicity and clarity and have not necessarily been drawn to scale. For example, the dimensions of some of the elements in the figures may be exaggerated relative to other elements to help to improve understanding of embodiments of the present invention.
The apparatus and method components have been represented where appropriate by conventional symbols in the drawings, showing only those specific details that are pertinent to understanding the embodiments of the present invention so as not to obscure the disclosure with details that will be readily apparent to those of ordinary skill in the art having the benefit of the description herein.